docker-mailserver/test/test.sh

#!/bin/bash

# Set up test framework
source assert.sh

# Testing that services are running and pop3 is disabled
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/lib/postfix/master'" 0
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/sbin/saslauthd'" 0
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'" 0
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/sbin/amavisd-new'" 0
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/sbin/opendkim'" 0
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/sbin/opendmarc'" 0
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/lib/courier/courier/courierpop3d'" 1
assert_raises "docker exec mail ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'" 0

# Testing services of pop3 container
assert_raises "docker exec mail_pop3 ps aux --forest | grep -v grep | grep '/usr/lib/courier/courier/courierpop3d'" 0

# Testing IMAP server
assert_raises "docker exec mail nc -w 1 0.0.0.0 143 | grep '* OK' | grep 'STARTTLS' | grep 'Courier-IMAP ready'" 0
assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 143 < /tmp/test/auth/imap-auth.txt'" 0

# Testing POP3 server on pop3 container
assert_raises "docker exec mail_pop3 nc -w 1 0.0.0.0 110 | grep '+OK'" 0
assert_raises "docker exec mail_pop3 /bin/sh -c 'nc -w 1 0.0.0.0 110 < /tmp/test/auth/pop3-auth.txt'" 0

# Testing SASL
assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p mypassword | grep 'OK \"Success.\"'" 0
assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p BADPASSWORD | grep 'NO \"authentication failed\"'" 0
assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-plain.txt' | grep 'Authentication successful'"
assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login.txt' | grep 'Authentication successful'"

# Testing user creation
assert "docker exec mail sasldblistusers2" "user1@localhost.localdomain: userPassword\nuser2@otherdomain.tld: userPassword"
assert "docker exec mail ls -A /var/mail/localhost.localdomain/user1" ".Drafts\n.Sent\n.Trash\ncourierimapsubscribed\ncur\nnew\ntmp"
assert "docker exec mail ls -A /var/mail/otherdomain.tld/user2" ".Drafts\n.Sent\n.Trash\ncourierimapsubscribed\ncur\nnew\ntmp"

# Testing `vhost` creation
assert "docker exec mail cat /etc/postfix/vhost" "localhost.localdomain\notherdomain.tld"

# Testing that mail is received for existing user
assert_raises "docker exec mail grep 'status=sent (delivered to maildir)' /var/log/mail.log" 0
assert "docker exec mail ls -A /var/mail/localhost.localdomain/user1/new | wc -l" "2"

# Testing that mail is rejected for non existing user
assert_raises "docker exec mail grep '<nouser@localhost.localdomain>: Recipient address rejected: User unknown in virtual mailbox table' /var/log/mail.log" 0

# Testing that mail is received for existing alias
assert_raises "docker exec mail grep 'to=<user1@localhost.localdomain>, orig_to=<alias1@localhost.localdomain>' /var/log/mail.log | grep 'status=sent'" 0

# Testing that mail is redirected for external alias
assert_raises "docker exec mail grep -- '-> <external1@otherdomain.tld>' /var/log/mail.log" 0

# Testing that a SPAM is rejected
assert_raises "docker exec mail grep 'Blocked SPAM' /var/log/mail.log | grep spam@external.tld" 0

# Testing that a Virus is rejected
assert_raises "docker exec mail grep 'Blocked INFECTED' /var/log/mail.log | grep virus@external.tld" 0

# Testing presence of freshclam CRON
assert "docker exec mail crontab -l" "0 1 * * * /usr/bin/freshclam --quiet"

# Testing that log don't display errors
assert_raises "docker exec mail grep 'non-null host address bits in' /var/log/mail.log" 1
assert_raises "docker exec mail grep ': error:' /var/log/mail.log" 1

# Testing that pop3 container log don't display errors
assert_raises "docker exec mail_pop3 grep 'non-null host address bits in' /var/log/mail.log" 1
assert_raises "docker exec mail_pop3 grep ': error:' /var/log/mail.log" 1

# Testing OpenDKIM
assert "docker exec mail cat /etc/opendkim/KeyTable | wc -l" "2"
assert "docker exec mail ls -l /etc/opendkim/keys/ | grep '^d' | wc -l" "2"

# Testing OpenDMARC
assert "docker exec mail cat /etc/opendmarc.conf | grep ^AuthservID | wc -l" "1"
assert "docker exec mail cat /etc/opendmarc.conf | grep ^TrustedAuthservID | wc -l" "1"

# Testing hostname config
assert "docker exec mail cat /etc/mailname" "my-domain.com"

# Testing presence of LetsEncrypt signed certs
assert_raises "docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem" "0"
assert_raises "docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem" "0"

# Testing generated ssl certs
assert_raises "docker exec mail openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/certs/ | grep 'Verify return code: 0 (ok)'" "0"

# Testing fail2ban
assert_raises "docker exec mail fail2ban-client status sasl | grep 'IP list:\s*127.0.0.1'" 1

docker exec mail fail2ban-client set sasl delignoreip 127.0.0.1/8 &> /dev/null

docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt' &> /dev/null
docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt' &> /dev/null
docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt' &> /dev/null

sleep 10
assert_raises "docker exec mail fail2ban-client status sasl | grep 'IP list:\s*127.0.0.1'" 0

docker exec mail fail2ban-client set sasl addignoreip 127.0.0.1/8 &> /dev/null
docker exec mail fail2ban-client set sasl unbanip 127.0.0.1 &> /dev/null

sleep 10
assert_raises "docker exec mail fail2ban-client status sasl | grep 'IP list:\s*127.0.0.1'" 1

# Ending tests
assert_end
Added integration testing - #28 2015-10-18 19:02:46 +00:00			`#!/bin/bash`

			`# Set up test framework`
			`source assert.sh`

Add pop3 support 2016-01-23 22:51:09 +00:00			`# Testing that services are running and pop3 is disabled`
added fail2ban tests 2016-02-13 03:43:57 +00:00			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/lib/postfix/master'" 0`
			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/sbin/saslauthd'" 0`
			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/sbin/clamd'" 0`
			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/sbin/amavisd-new'" 0`
			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/sbin/opendkim'" 0`
			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/sbin/opendmarc'" 0`
			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/lib/courier/courier/courierpop3d'" 1`
			`assert_raises "docker exec mail ps aux --forest \| grep -v grep \| grep '/usr/bin/python /usr/bin/fail2ban-server'" 0`
Add pop3 support 2016-01-23 22:51:09 +00:00
			`# Testing services of pop3 container`
added fail2ban tests 2016-02-13 03:43:57 +00:00			`assert_raises "docker exec mail_pop3 ps aux --forest \| grep -v grep \| grep '/usr/lib/courier/courier/courierpop3d'" 0`
Added test for crontab and services 2015-10-18 20:02:47 +00:00
Added IMAP connection integration test 2015-11-22 00:57:52 +00:00			`# Testing IMAP server`
			`assert_raises "docker exec mail nc -w 1 0.0.0.0 143 \| grep '* OK' \| grep 'STARTTLS' \| grep 'Courier-IMAP ready'" 0`
Added tests for SMTP auth 2016-01-22 16:51:58 +00:00			`assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 143 < /tmp/test/auth/imap-auth.txt'" 0`
Added IMAP connection integration test 2015-11-22 00:57:52 +00:00
Add pop3 support 2016-01-23 22:51:09 +00:00			`# Testing POP3 server on pop3 container`
			`assert_raises "docker exec mail_pop3 nc -w 1 0.0.0.0 110 \| grep '+OK'" 0`
			`assert_raises "docker exec mail_pop3 /bin/sh -c 'nc -w 1 0.0.0.0 110 < /tmp/test/auth/pop3-auth.txt'" 0`

Fix for #44 and #47, also enabling plain and login mechs. 2016-01-12 00:02:47 +00:00			`# Testing SASL`
			`assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p mypassword \| grep 'OK \"Success.\"'" 0`
			`assert_raises "docker exec mail testsaslauthd -u user2 -r otherdomain.tld -p BADPASSWORD \| grep 'NO \"authentication failed\"'" 0`
Added tests for SMTP auth 2016-01-22 16:51:58 +00:00			`assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-plain.txt' \| grep 'Authentication successful'"`
			`assert_raises "docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login.txt' \| grep 'Authentication successful'"`
Fix for #44 and #47, also enabling plain and login mechs. 2016-01-12 00:02:47 +00:00
Added integration testing - #28 2015-10-18 19:02:46 +00:00			`# Testing user creation`
Testing with real emails 2015-10-19 13:41:51 +00:00			`assert "docker exec mail sasldblistusers2" "user1@localhost.localdomain: userPassword\nuser2@otherdomain.tld: userPassword"`
Update test.sh 2016-02-11 17:36:08 +00:00			`assert "docker exec mail ls -A /var/mail/localhost.localdomain/user1" ".Drafts\n.Sent\n.Trash\ncourierimapsubscribed\ncur\nnew\ntmp"`
			`assert "docker exec mail ls -A /var/mail/otherdomain.tld/user2" ".Drafts\n.Sent\n.Trash\ncourierimapsubscribed\ncur\nnew\ntmp"`
Added integration testing - #28 2015-10-18 19:02:46 +00:00
Testing with real emails 2015-10-19 13:41:51 +00:00			# Testing `vhost` creation
			`assert "docker exec mail cat /etc/postfix/vhost" "localhost.localdomain\notherdomain.tld"`

Added integration testing - #28 2015-10-18 19:02:46 +00:00			`# Testing that mail is received for existing user`
Testing with real emails 2015-10-19 13:41:51 +00:00			`assert_raises "docker exec mail grep 'status=sent (delivered to maildir)' /var/log/mail.log" 0`
Added tests and simplified some of them 2016-02-03 21:45:11 +00:00			`assert "docker exec mail ls -A /var/mail/localhost.localdomain/user1/new \| wc -l" "2"`
Testing with real emails 2015-10-19 13:41:51 +00:00
			`# Testing that mail is rejected for non existing user`
			`assert_raises "docker exec mail grep '<nouser@localhost.localdomain>: Recipient address rejected: User unknown in virtual mailbox table' /var/log/mail.log" 0`

			`# Testing that mail is received for existing alias`
			`assert_raises "docker exec mail grep 'to=<user1@localhost.localdomain>, orig_to=<alias1@localhost.localdomain>' /var/log/mail.log \| grep 'status=sent'" 0`

			`# Testing that mail is redirected for external alias`
			`assert_raises "docker exec mail grep -- '-> <external1@otherdomain.tld>' /var/log/mail.log" 0`

			`# Testing that a SPAM is rejected`
Added tests and simplified some of them 2016-02-03 21:45:11 +00:00			`assert_raises "docker exec mail grep 'Blocked SPAM' /var/log/mail.log \| grep spam@external.tld" 0`
Testing with real emails 2015-10-19 13:41:51 +00:00
Fixed error reported by jderusse 2015-12-05 18:08:39 +00:00			`# Testing that a Virus is rejected`
Added tests and simplified some of them 2016-02-03 21:45:11 +00:00			`assert_raises "docker exec mail grep 'Blocked INFECTED' /var/log/mail.log \| grep virus@external.tld" 0`
Added integration testing - #28 2015-10-18 19:02:46 +00:00
Added test for crontab and services 2015-10-18 20:02:47 +00:00			`# Testing presence of freshclam CRON`
			`assert "docker exec mail crontab -l" "0 1 * * * /usr/bin/freshclam --quiet"`

Added tests on error logs 2015-10-19 10:06:11 +00:00			`# Testing that log don't display errors`
Testing with real emails 2015-10-19 13:41:51 +00:00			`assert_raises "docker exec mail grep 'non-null host address bits in' /var/log/mail.log" 1`
			`assert_raises "docker exec mail grep ': error:' /var/log/mail.log" 1`
Added tests on error logs 2015-10-19 10:06:11 +00:00
Add pop3 support 2016-01-23 22:51:09 +00:00			`# Testing that pop3 container log don't display errors`
			`assert_raises "docker exec mail_pop3 grep 'non-null host address bits in' /var/log/mail.log" 1`
			`assert_raises "docker exec mail_pop3 grep ': error:' /var/log/mail.log" 1`

Improves #55 and #56 with OpenDKIM tests 2016-01-26 16:05:07 +00:00			`# Testing OpenDKIM`
Added tests and simplified some of them 2016-02-03 21:45:11 +00:00			`assert "docker exec mail cat /etc/opendkim/KeyTable \| wc -l" "2"`
			`assert "docker exec mail ls -l /etc/opendkim/keys/ \| grep '^d' \| wc -l" "2"`
Improves #55 and #56 with OpenDKIM tests 2016-01-26 16:05:07 +00:00
- added test for opendkim 2016-01-28 19:56:15 +00:00			`# Testing OpenDMARC`
			`assert "docker exec mail cat /etc/opendmarc.conf \| grep ^AuthservID \| wc -l" "1"`
			`assert "docker exec mail cat /etc/opendmarc.conf \| grep ^TrustedAuthservID \| wc -l" "1"`

Added tests and simplified some of them 2016-02-03 21:45:11 +00:00			`# Testing hostname config`
			`assert "docker exec mail cat /etc/mailname" "my-domain.com"`

Added test on default ssl certs and added letsencrypt X1 and X2 certificates 2016-02-08 22:47:42 +00:00			`# Testing presence of LetsEncrypt signed certs`
			`assert_raises "docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem" "0"`
			`assert_raises "docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem" "0"`

			`# Testing generated ssl certs`
			`assert_raises "docker exec mail openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/certs/ \| grep 'Verify return code: 0 (ok)'" "0"`

added fail2ban tests 2016-02-13 03:43:57 +00:00			`# Testing fail2ban`
			`assert_raises "docker exec mail fail2ban-client status sasl \| grep 'IP list:\s*127.0.0.1'" 1`

			`docker exec mail fail2ban-client set sasl delignoreip 127.0.0.1/8 &> /dev/null`

			`docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt' &> /dev/null`
			`docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt' &> /dev/null`
			`docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt' &> /dev/null`

fixed timing problem for fail2ban test 2016-02-13 04:37:06 +00:00			`sleep 10`
added fail2ban tests 2016-02-13 03:43:57 +00:00			`assert_raises "docker exec mail fail2ban-client status sasl \| grep 'IP list:\s*127.0.0.1'" 0`

			`docker exec mail fail2ban-client set sasl addignoreip 127.0.0.1/8 &> /dev/null`
			`docker exec mail fail2ban-client set sasl unbanip 127.0.0.1 &> /dev/null`

fixed timing problem for fail2ban test 2016-02-13 04:37:06 +00:00			`sleep 10`
added fail2ban tests 2016-02-13 03:43:57 +00:00			`assert_raises "docker exec mail fail2ban-client status sasl \| grep 'IP list:\s*127.0.0.1'" 1`

Added integration testing - #28 2015-10-18 19:02:46 +00:00			`# Ending tests`
added fail2ban tests 2016-02-13 03:43:57 +00:00			`assert_end`